In general, access control systems rely upon lock and key principles to grant or deny access to a secure asset. Whether the keys are configured as physical keys presented to a mechanical lock or virtual keys presented to an access control unit, most keys include specific features or characteristics that are either recognized by or match lock features before access is granted to the asset. Some access control systems employ the use of various portable devices to maintain credential information for presentation to a reading device. The portable devices are generally configured to communicate with the reading device via wireless communication protocols.
One example of a portable device includes the radio frequency identification (RFID) device, such as a contactless smart card, key fob, or the like, to store credential information that can be used to gain access to an asset. When presented to a reader/interrogator, the smart card transmits the stored credential information for verification by the reader/interrogator. The reader/interrogator processes the credential information and determines if the smart card being presented is a valid smart card. If the reader/interrogator determines that credential information associated with the smart card is valid, then the reader/interrogator initiates any number of actions including allowing the holder of the smart card access to an asset protected thereby.
Another example of a portable device can include a wireless mobile device, such as a communication device, mobile phone, smartphone, etc. In this case, credential information may be stored in a memory associated with the mobile device and communicated to a reading device using at least one wireless communication protocol available to the mobile phone.
As access control technology continually progresses, devices and communication protocols evolve to offer more security, portability, and interoperability. However, the benefits of this evolution may be thwarted by increasing instances of identity theft, stolen credentials, and/or other access control device theft.
EP 1 926 038 A1 presents an authentication system including: a receiving unit operable to receive first ID information from a first device, and receive second ID information from a second device; and an authority information generating unit operable to generate authority information having an authority range varying according to the number of pieces of the ID information received by the receiving unit.